<?php
include 'functions.php';	
$userid = $_SESSION['userid'];
$lexcreated = $_SESSION['lexcreated']; 

// Handle file upload
$upload_dir = 'myuploads'; //upload to here
if (!empty($_FILES)) { //only do this when there are files to upload
	$tempFile = $_FILES['file']['tmp_name'];//get temp file name
	$targetPath = dirname(__FILE__) . DIRECTORY_SEPARATOR . $upload_dir . DIRECTORY_SEPARATOR; // 
	$filename = $targetPath . date('Y-m-d-His') . '-' . $_FILES['file']['name'];// make path to file name and attach date
	$uploadfilename = date('Y-m-d-His') . '-' . $_FILES['file']['name'];//make upload file name by attaching date
	$filetype = $_FILES["file"]["type"];//get file type
	$filesize = ($_FILES["file"]["size"] / 1024);//get size in bytes
	$fileurl = 'http://localhost/Dropzonejs/myuploads/' . $uploadfilename; //url to file CHANGE WHEN LIVE//////
	$query = "INSERT INTO files (filename,filesize,fileurl,filetype,lexid)" . " VALUES ('$uploadfilename','$filesize','$fileurl','$filetype','$lexid')";
	$result = mysqli_query($con, $query) or die("Could not upload file info to database");//execute
	move_uploaded_file($tempFile, $filename);//move the file from temp
}
// Handle rest of the form///////////////////////////////////////////////////////////////////////////////////////////////
//tags
	$tags = $_POST['tb_tag'];//get the tags
	$tag = explode(",", $tags);//split them at the comma
		//print_r($tag);//show me
	$timestamp = date("Y-m-d H:i:s");//get the current time so I can use this to stop dups later
	foreach ($tag as $tag) { //for every tag			
	$tag = trim($tag); //remove white space
	$query1 = "SELECT * FROM tags WHERE tagadded = " //check for dups caused by multiple uploads for multiple files
 	. "'" . $timestamp . "'" 
 	. " AND tag =" 
	. "'" . $tag . "'" 
	 	. "AND userid =" 
	. "'" . $_SESSION['userid'] . "'" 
	. "";
			$con = mysqli_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME) or die("Could not execute query");
	$result1 = mysqli_query($con, $query1);	
	$queryExistingUserTag = "SELECT * FROM tags WHERE tag = '$tag' AND lexid = '$lexid'";
		$con = mysqli_connect(DB_HOST, DB_USER, DB_PASS, DB_NAME) or die("Could not execute query");
	$resultExistingUserTag = mysqli_query($con, $queryExistingUserTag);
	$numExistingUserTag =  mysqli_num_rows($resultExistingUserTag);
	$num =  mysqli_num_rows($resultExistingUserTag );
	// echo $query1;
	// echo $num;
	// echo $numExistingUserTag;
	if ($num < 1  && $numExistingUserTag < 1 && $tag !== "" ) { //if it's a new tag and not blank add to db
	$query2 = "INSERT INTO tags (tag, lexid) VALUES ('$tag','$lexid')";
	$result2 = mysqli_query($con, $query2);
	}
}
//commenting and privacy
if(isset($_POST['cb_allowcomment'])){
	$lexcommenting = 1;
}
else{
$lexcommenting = 0;	
}
	 	 if(isset($_POST['cb_allowprivate'])){
	$lexprivacy = 1;
}
else{
$lexprivacy = 0;	
}
	 	$lextimedate = $_SESSION['lextimedate'];
	$query = "UPDATE lexsettings SET lexcommenting = $lexcommenting, lexprivacy = '$lexprivacy' WHERE lexid = '$lexid'"; 
$result = mysqli_query($con, $query) or die ("Could not update lex in database");
//$goreflect = goreflect();
header('LOCATION: http://localhost/c21/reflection.php');
?>